|
July 2011
All good things come in three! (or…..)
1. I am happy to announce the new class “The deployment foundation class”. A 4 day class that covers the bases for the tools offered by Microsoft for the deployment of Windows 7. The class is developed and presented by no other than the Microsoft MVP (Setup and Deployment) Rhonda Layfield; known and recognized speaker and instructor at TechEd and other major events. This is the perfect pre-requisite for the Lite Touch and Zero Touch Deployment master classes
First session planned and scheduled for Washington DC in September.
2. Deployment Geek Week travels overseas. We will together with CEO training take the popular Deployment Geek Week to Sydney, Australia. Johan and Mike will run this unique 5 day class directly after the TechEd in Australia and NZ finish. If you can’t make it to TechEd, don’t miss this opportunity to learn from the masters.
3. And if you can’t go down under, and did not get a seat at the Seattle session, there is still an opportunity to meet with Johan and Kent in the “Ultimate ConfigMgr 2012 and MDT training”. This is another unique 5 day class that focuses on the new and long awaited for version of Config Mgr 2012 as well as MDT version next.
4. …..and summer is finally coming to the pacific northwest……
Author updates using SCUP 2011
With the new version of System Center Updates Publisher authoring updates are now easier than ever before. In In this example I will deploy Java 6 update 25 x86. I have already downloaded the update to a local file share “\\sccm4\sccm_sources$\Software\JavaUpd25\jre-6u25-windows-i586.exe”
Before you start author any update you will need to do some detective work. You need to figure out:
· A way to download patch, either vendor site or local file server
· A method to detect whether a given update is required or not.
· A method to detect that you successfully deployed the update.
· Figure out the command line to do a silent installation
· Find the vendor website that contains information about the update.
To detect if a previous version of Java is installed I will query these registry keys:
· Must exist: HKLM\Software\Javasoft\Java Runtime Environment\1.6
· Must not exist: HKLM\Software\Javasoft\Java Runtime Environment\1.6.0_25
To verify that the installation was successful I will query this registry key
· Must exist: HKLM\Software\Javasoft\Java Runtime Environment\1.6.0_25
|
|
Open the SCUP 2011 console and navigate to the Updates workspace. Create folder by using the Ribbon. In this example my folder is called Oracle
|
|
|
Click Create, Software Update on the Ribbon
|
|
|
In Package Source click Browse and navigate to:
jre-6u25-windows-i586.exe.
In download URL (or UNC) type the UNC path to the file:
\\sccm4\sccm_sources$\Software\JavaUpd25\jre-6u25-windows-i586.exe
Binary language (in my example is English)
English
Command line:
/s "IEXPLORER=1 MOZILLA=1" /quiet
Click Next.
|
|
|
In Language select:
English
In Title type:
SUN Java 6 Update 25
In Description type something meaningful like what are being fixed by this update.
In Classification select:
Security
In Vendor type:
Oracle
In Product type:
SUN Java
More Info URL type:
http://www.oracle.com/technetwork/java/javase/6u25releasenotes-356444.html
Click Next.
|
|
|
On the Optional information page you can type the official Update information, is none is provided I suggest you invent a naming standard for the different vendors.
Bulletin ID:
SUNJAVA6UPD25
Article ID
QSUNJAVA6UPD25
Support URL:
http://www.oracle.com/technetwork/java/javase/overview/index.html
Severity:
None Specified
Impact:
Normal
Restart Behavior:
Can request reboot
Click Next
|
|
|
On the prerequisites page click Next.
|
|
|
On the Supersedence page you can select any older version that is being superseded with this update. It requires that the older update is also present in the catalog. In my example, this is the first Java update in the catalog, click Next.
|
|
|
On the Installable rules page you will type in whatever information you have to detect a previous installed version. Click the Yellow star icon.
|
|
|
Rule Type select:
Registry
Subkey type:
Software\Javasoft\Java Runtime Environment\1.6
This registry key is for a 32 bit application on a 64-bit system:
Enabled
Click OK
|
|
|
Click the Yellow icon and create a new rule
Rule Type select:
Registry
Subkey type:
Software\Javasoft\Java Runtime Environment\1.6.0_25
This registry key is for a 32 bit application on a 64-bit system:
Enabled
Click OK
|
|
|
Highlight the last rule and press Alt+G or click the Not icon.
Click Next.
|
|
|
On the Installed rules page you will type in whatever information you have to detect that this new update is successfully installed.
Click the Yellow icon to create a new rule.
Rule Type select:
Registry
Subkey type:
Software\Javasoft\Java Runtime Environment\1.6.0_25
This registry key is for a 32 bit application on a 64-bit system:
Enabled
Click OK
|
|
|
Click Next.
|
|
|
Click Next.
|
|
|
Click Close
|
|
|
Click Publish on the Ribbon, select Full Content and click Next.
|
|
|
Click Next.
|
|
|
Click Close.
The update will now become available in Configuration Manager after the next software update synchronization process.
|
|
 
|
My Configuration Manager 2012 client: installation progress, preparing – installing – installed.
|
|
|
Java 6 update 25 is installed.
|
/Kent
The story behind driver ranking (or why did Windows pick THAT driver)
I like things that are automated but I don’t always like the “automagic”, what I’m trying to say is that I like to know “why” so I can make it work the way I want it to. I while back a customer asked me the very simple question
- Why does Windows 7 pick THAT driver, it is the wrong one?
Before we continue we need to define “wrong” here, wrong could be a working driver, it’s just not that exact driver, could be wrong version, wrong vendor, wrong architecture or whatever that makes it wrong in the eye of the beholder
The process is called Driver Ranking and it occurs when you add drivers to windows, during plug and play it scans the driver repository more matching PNP numbers. If Windows finds multiple drivers that has the same PNP number a ranking process begins. I told my customer and he said simply
- Please, can you do a blog post on that subject
So, I did
http://deploymentbunny.com/2011/06/06/nice-to-know-why-did-windows-7-pick-that-driver/
If you do have an interest in this, read it trough. It will most likely give some more background information and maybe a “aha, that’s way…”
/Mike aka The Deployment Bunny
(btw, both Johan and I have a bunch of sessions at TechEd Australia, hope to see some of you there)
Leftover junk prevents new installation in MDT 2010
One of the most common issues with MDT 2010 Lite Touch deployments is leftover junk from a previous installation preventing a second installation to continue. The solution - Get rid of the junk. Here is sample script...
WARNING!: Per the instructions you will modify the unattend.xml inside the boot image you use for bare metal deployments only, meaning the boot image(s) on your WDS server. Please don't go outside the instructions and modify the boot images in the MDT deployment share - That will kill your entire Refresh and Replace deployments.
Download the sample files
Instructions for Manually updating your x64 boot image
(Just change x64 with x86 for updating your x86 image)
1. Extract the article sample files to a folder
2. Create the D:\Mount folder (My Data drive is D:)
3. Start a Deployment Tools Command Prompt
4. Use ImageX to mount your boot image
ImageX /mountrw D:\RemoteInstall\Boot\x64\Images\LiteTouchPE_x64.wim 1 D:\Mount
5. From the article download folder, copy the ZTICleanSetupInProgress.vbs script to D:\Mount\Deploy\Scripts
6. From the article download folder, copy the x64\Unattend.xml file to D:\Mount (overwrite the existing file)
7. Unmount the wim file (close all Explorer windows first)
ImageX /unmount /commit D:\Mount
8. Done
Note: If you want to automate the above updates of the WDS boot image, you can do this via an Exit function to the Deployment Share Update process. In the C:\Program Files\Microsoft Deployment Toolkit\Samples folder you will find a sample named UpdateExit.vbs that you can customize.
See the Automatically update MDT 2010 boot images in WDS article by Michael Niehaus for more info on the Deployment Share Exit.
/Johan
Finding and adding only the correct device drivers to the Boot image
It seems to me, people tend to add way too many drivers to their boot images, which in some cases make WinPE unstable, and subsequent make the Deployment fail. It also makes it near impossible to figure out which driver versions/types are actually included, as that info is kind of limited from within the Boot Image node itself …
What I do, is find the exact drivers needed for my WinPE environment to work on the specific model(s), and add only those drivers.. If I Can boot WinPE, and gain access to the network (IPCONFIG) and hard disk (DISKPART – list disk), I do not update my boot image, even if I choose to add a new NIC to the deployed OS itself!
In this example I will use a DELL latitude E6320, because this particular machine has a network driver not already included in WinPE.
The first thing to do is go into the device manager and check which driver the network card is using. I usually do this from the Win7 preloaded OS that comes with the machine (you know! before reinstalling). If this is not an option, you can do something similar from within WinPE using DrvLoad.exe, and wmic, but more about that in a late post!!
As you can se from the picture, the Network adaptor is using an Intel® 82579LM Gigabit Network Connection driver.
The problem you then run into, is that, this is not the name of the driver in the Intel driver package. The driver is defined as an INF and the actual name of the driver is found within the particular INF. To find the name of the INF you can check the driver details in properties of the driver. It will show you the SYS file which is always name the same as the INF
As you can see, the driver in question should be e1c6232.inf, and if you download the newest NIC driver package from Intel (or get it from your vendor), and open that driver in notepad, you will find the driver you need inside the INF.
Now the driver must be imported into ConfigMgr. Normally I would import all the NIC drivers, and the look for the same info from within ConfigMgr. Do an import only, no need to add to category, package or Boot Image, at this point. Once imported your NIC drivers will look something like this.
, 
By highlighting the driver you can even see which other drivers are included, and which platforms it I applicable to:
You can see that this particular driver works on Windows 7 x86 SP1, and that it also supports Intel® 82579V Gigabit Network Connection.
The info corresponds to that found in the running OS, so it’s clearly the driver needed in the Boot image. Finally all there is left to do is inject and update DP, and the boot image should work like a charm.
/Michael P
Where to find us......
| Deployment Foundations Class with Rhonda Layfield |
Washington DC |
September 12-15 |
|
Understand how hackers attack the Windows Platform with Marcus Murray
|
Amsterdam
|
September 12-14
|
|
Mastering PKI & Certificate Services 2008 R2 with Hasain Alshakarti
|
Online lIve
London
|
August 15-17
October 31
|
|
Deployment Geek Week with Johan Arwidmark and Mikael Nystrom
|
Redmond, WA
|
July 18-22 SOLDOUT
|
|
The Ultimate ConfigMgr2012 and MDT2012 training with both Kent Agerlund and Johan Arwidmark
|
New York City |
August 15-19 |
Full schedule at http://www.truesec.com
|
